Transfer HR Data Automatically to tenfold

common desire among organizations with 500+ users who have started (or are seeking to start) an identity management project with tenfold is the ability to transfer user data from HR systems (such as SAP HCM) automatically to tenfold. Instead of having to painstakingly copy every item from the HR system when it is fed with new data or when existing data is modified, these organizations want the data transfer to happen automatically via an interface.

In the past, the only way to achieve this was through scripting (EXEC jobs). However, this approach is far from best practice. For this reason, tenfold has developed the out-of-the-box import plugin, which makes HR data imports easy as pie.

tenfold Import Plugin

With tenfold’s import plugin, you will have your HR interface for identity management up and running in no time – given the HR system is able to provide the required data for the import plugin to read out. It is the HR system provider or consultant who is responsible for provisioning this data regularly.

tenfold supports several technical means of data import: CSV file, database query via SQL or provisioning via script (e.g. for calling a REST service). The column and data formats can be configured individually and in great detail.

Connections to the most common HR solutions have already been implemented, including SAP HR, LOGA by P&I or DATEV.

Import Plugin: Features

Create New Users

Once the plugin is installed, it can recognize when a new user is added to the import source and can import this user to tenfold automatically. To do this, it generates a request for creating the new user in tenfold. The plugin also recognizes changes to master data and can trigger the necessary change requests in tenfold.

Delete Users

Users who leave the company are either already marked in a certain way or tagged with a leaving date. This way, the plugin knows exactly when to generate a delete request for that user’s accounts and privileges.

Plugin Automates Manual Tasks

Requests generated by the plugin are handled in exactly the same way as they would be if generated manually. When a new person is added manually in tenfold, including all relevant data, the subsequent processes are the same as those triggered by the plugin. The plugin automatically assigns the appropriate privileges to the user and all the other plugins also behave according to how they were configured.

Optional Approval Workflow

If desired, you can add an approval workflow upstream of the generated request. This is especially handy during the go-live phase because it allows you to observe, over a certain period of time, whether the HR data is being transmitted correctly and whether the associated requests triggered in tenfold contain the data.

Video Overview

Watch Our Demo Video to See tenfold in Action!

About the Author: Helmut Semmelmayer

Helmut Semmelmayer currently heads channel sales at the software company tenfold software. He looks back on 10 years of involvement in the identity and access management market. Having worked on countless customer projects, he has extensive knowledge of the challenges that organizations face when it comes to protecting data from unauthorized access. His goal is to educate businesses and build awareness for current and future access-based attack patterns.